A Security Infrastructure for Trusted Devices
|
|
- Jordan Greer
- 5 years ago
- Views:
Transcription
1 Infrastructure () A Security Infrastructure for Trusted Devices Mahalingam Ramkumar Mississippi State University, MS Nasir Memon Polytechnic University, Brooklyn, NY January 31, 2005
2 Infrastructure () 1 Trusted Devices Renewal KDS Requirements 2 Random Key Pre-distribution Schemes 3 Infrastructure ()
3 Infrastructure () Emerging Models of Trust Trusted Devices Renewal KDS Requirements Paradigm shift in the model of trust in emerging applications Conventional applications - Client-server applications End users are trusted Trusted not to reveal passwords, private keys In theory, compromise of user A s secrets should not affect other users Pervasive / ubiquitous computing, ad hoc networks, DRM devices need to be trusted to behave in a responsible fashion not the owners or operators. How do we trust devices? More appropriately, how do devices trust each other?
4 Trusted Devices Outline Infrastructure () Trusted Devices Renewal KDS Requirements Devices play by the rules Compliance to established rules. How? Trusted devices provided with secrets Secrets serve as a hook for compliance Verify compliance before providing secrets Verification of (possession of) secrets = verification of compliance Mechanism to distribute and establish possession of secrets - key distribution scheme (KDS)
5 Infrastructure () Trusted Devices Renewal KDS Requirements Tamper Resistance and Read Proofness Even owners of the devices should not have access to the secrets Devices are trusted not to reveal their secrets! Both tamper resistance and read-proofness are mandatory Tamper resistance - guarantees that components that guarantee compliance cannot be modified after a device is provided with secrets Read proofness - guarantees that secrets from a compliant device cannot be transferred to a non-compliant device
6 Renewability Outline Infrastructure () Trusted Devices Renewal KDS Requirements Technology for tamper-resistance is expected to improve (necessity is the mother of invention!) Yet perfect tamper resistance / read proofing may never be achievable Need to renew secrets periodically
7 Infrastructure () Safe Renewal of Secrets Trusted Devices Renewal KDS Requirements Secrets originally assigned by the manufacturer Take the device back to the manufacturer every time for renewal? - not practical Renewal has to occur over open channels (Internet?) Devices will authenticate themselves using old secrets to receive new secrets If old secrets in a device have been compromised, what prevents an attacker from getting new secrets? Need an additional secret that cannot be compromised by tampering. No, password is not sufficient.
8 Infrastructure () Trusted Devices Renewal KDS Requirements Circuit-Delay Based Authentication B. Gassend, D. Clarke, M. van Dijk, S. Devadas, Delay-based Circuit Authentication and Applications, Proceedings of the 2003 ACM symposium on Applied Computing, Melbourne, Florida, pp , Uncontrollable delays unique to each chip can serve as a signature Not exposable by tampering Sensitive to environmental variations - could be compensated Possibly weak secret
9 Safe Renewal Outline Infrastructure () Trusted Devices Renewal KDS Requirements Assumptions 1 The existence of a weak secret which cannot be exposed by tampering. 2 The only way to obtain secrets from a device A is by tampering with the device A. 3 Devices that are tampered with are rendered unusable in the future. Safe renewal is feasible! The key renewal process (protocol) can de set up such that each brute force attempt would need TA s involvement!
10 Infrastructure () KDS Requirements Trusted Devices Renewal KDS Requirements Extremely large scale (billions of devices) Support ad hoc interactions (no Kerberos) Light on resources (possibly no asymmetric crypto) Interoperability - different vendors Renewability Multicast security?
11 What is KPD? Outline Infrastructure () Random KPD An (offline) TA and N nodes with unique IDs TA chooses P secrets R Node A is pre-loaded with k secrets S A = F (R, ID A ) Node B is pre-loaded with k secrets S B = F (R, ID B ) Nodes A and B can discover shared secret K AB = G(ID B, S A ) = G(ID A, S B ) Only nodes A and B can discover K AB
12 n-secure KPD Outline Infrastructure () Random KPD Pre-loaded keys in different nodes are not independent A finite number of other nodes can be compromised to reveal K AB n-secure KPD resists compromises of up to n nodes KPDs are tradeoffs between security and complexity Large n large k Different mechanisms of trade-off Efficient KPD schemes k = O(n)
13 Infrastructure () Extents of Compromise Random KPD Attacker pools keys from many node with the purpose of determining shares secret between Two nodes i and j (Attack 1) Node i and TA (Attack 2) All P secrets (Attack 3)
14 Infrastructure () Classes of KPDs Random KPD Deterministic KPDs based in finite field arithmetic (Blom, Matsuhito) Attacks 1,2,3 have the same complexity Subset intersection schemes (matrix, Mitch, Dyer, Erdos et al) Attacks 1 to 3 increasingly complex Random KPDs - provide only probabilistic guarantees For example, n-secure with probability of failure Most random KPDs are based on subset intersection Exception - Leighton and Micali (Scheme II) Attacks 1 to 3 increasingly complex
15 Infrastructure () Random KPD Probababilistic Guarantees are Good Enough! Even for determinsitic schemes the final shared secret has a finite number of bits What is the probability that an attacker can guess a 64-bit key? - more than Probabilistic guarantees are not bad as long as the probability of failure is small
16 Random KPDs Outline Infrastructure () Random KPD Two basic types Leighton and Micali (scheme III) - based on repeated hashing of preloaded keys Random preloaded subsets (RPS) - a slight modification of subset intersection schemes TA has P keys, each node is given a subset of k keys In SI schemes the allocation is done in a deterministic fashion In RPS it is done either randomly (Eschenauer-Gligor, Chan-Perrig-Song, Liu-Ning) or psuedo-randomly (Pietro-Mancini-Mei, Ramkumar-Memon) Former methods need bandwidth overhead to determine share keys - psuedo-random methods provide an elegant solution by using a one-way function of node ID
17 Infrastructure () Random KPD HAshed Random Preloaded Subsets Defined by three parameters, P, k, L TA chooses P secrets Each node gets a subset of the secrets (randomized by node ID) The preloaded keys are hashed repeatedly - a variable number of times Hash depths uniformly distributed between 1 and L (randomized by node ID) Shared secret based on maximum hash depths of the shared keys
18 Infrastructure (), RPS and LM Random KPD is a generalization of RPS and LM LM is with P = k RPS is with L = 0
19 Infrastructure () Illustration of Random KPD
20 Infrastructure () Summary of Properties Random KPD Efficient, k = O(n) RPS, k = O(n), LM, k = O(n 3 ) RPS - k = e log(p)n, - k = e log(p)n Theoretically, not possible to do better than O(n) Different threat models How difficult is it to fool another node? (Attack 1) To fool the TA? (Attack 2) All random KPDs provide more resistance to Attack 2 (which is good) does better than other random KPDs against Attack 1 And does very much better (by 2 orders of magnitude) against Attack 2. Safe renewal with KPDs - need additional unique key or high resistance to attack 2
21 And More! Outline Infrastructure () Random KPD Tree hierarchical extension (RPS - does not offer seperation of levels) Caters for seamless renewal The same preloaded secrets can also be used for Broadcast authentication - equivalent to signature schemes Targeted signatures / Designated verifiers... Broadcast encryption - an efficient solution for node revocation Discovery of group secrets Infrastructure
22 Infrastructure () vs PKI Feature 1 Deployment 2 Shared secret 3 Source Authentication 4 Non repudiation PKI 1 tree hierarchical deployment of CAs 2 exchanging signed public keys 3 encrypting with private key 4 source authentication 1 tree hierarchical deployment of TAs 2 exchanging unique IDs 3 appending key based MACs 4 source authentication with trusted devices
23 Infrastructure () vs PKI Feature 1 Revocation (1) 2 Revocation (2) 3 Automatic revocation 4 Seamless renewal 5 Broadcast Encryption 6 Choosing Public keys PKI 1 broadcasting revocation list 2 none 3 expiry of certificate 4 possible 5 not possible 6 not possible 1 broadcasting revocation list 2 broadcasting revocation secret 3 periodic renewal 4 possible with some loss of security 5 possible by TA and peers 6 possible
I-HARPS: An Efficient Key Pre-distribution Scheme
I-HARPS: An Efficient Key Pre-distribution Scheme Mahalingam Ramkumar Department of Computer Science and Engineering Mississippi State University Abstract We introduce an efficient random key pre-distribution
More informationKey establishment in sensor networks
Security and Cooperation in Wireless Networks http://secowinet.epfl.ch/ key types; establishment of link keys using a shortterm master key; random key predistribution: - the basic scheme, and - some improvements;
More informationKey establishment in sensor networks
Key establishment in sensor networks -- introduction to wireless sensor networks -- needed key types -- LEAP -- random key pre-distribution (c) Levente Buttyán (buttyan@crysys.hu) Wireless sensor networks
More informationSecure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks
Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks University of Cambridge Computer Laboratory 22nd IFIP TC-11 International Information Security Conference Sandton,
More informationI-HARPS: An Efficient Key Predistribution Scheme for Mobile Computing Applications
I-HARPS: An Efficient Key Predistribution Scheme for Mobile Computing Applications Mahalingam Ramkumar Department of Computer Science and Engineering Mississippi State University, Mississippi State, MS
More informationBISS: Building secure routing out of an Incomplete Set of Security associations
BISS: Building secure routing out of an Incomplete Set of Security associations Srdjan Čapkun and Jean-Pierre Hubaux Secure routing in ad hoc networks - Common assumptions for secure routing: - a network
More informationX.509. CPSC 457/557 10/17/13 Jeffrey Zhu
X.509 CPSC 457/557 10/17/13 Jeffrey Zhu 2 3 X.509 Outline X.509 Overview Certificate Lifecycle Alternative Certification Models 4 What is X.509? The most commonly used Public Key Infrastructure (PKI) on
More informationCSC 774 Advanced Network Security
CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security Dr. Peng Ning CSC 774 Adv. Net. Security 1 Wireless Sensor Networks 1. Network protocol (e.g., routing) 2. Data management (e.g.,
More informationCertificateless Public Key Cryptography
Certificateless Public Key Cryptography Mohsen Toorani Department of Informatics University of Bergen Norsk Kryptoseminar November 9, 2011 1 Public Key Cryptography (PKC) Also known as asymmetric cryptography.
More informationKey Agreement Schemes
Key Agreement Schemes CSG 252 Lecture 9 November 25, 2008 Riccardo Pucella Key Establishment Problem PK cryptosystems have advantages over SK cryptosystems PKCs do not need a secure channel to establish
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2018 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationSymmetric Cryptographic Protocols
Symmetric Cryptographic Protocols Mahalingam Ramkumar Symmetric Cryptographic Protocols 2123 Mahalingam Ramkumar Mississippi State University Mississippi State Mississippi USA ISBN 978-3-319-07583-9 ISBN
More informationSecurity Requirements for Crypto Devices
Security Requirements for Crypto Devices Version 1.0 02 May 2018 Controller of Certifying Authorities Ministry of Electronics and Information Technology 1 Document Control Document Name Security Requirements
More informationA Key-Management Scheme for Distributed Sensor Networks
A Key-Management Scheme for Distributed Sensor Networks Stratimir Doichev April 23, 2003 CSC 774 Network Security 1 Paper Overview A Key-Management Scheme for Distributed Sensor Networks, Laurent Eschenauer,
More informationProtocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh
Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols
More informationConsiderations about the Architecture Solutions for PKI in Ad-hoc-Networks
Considerations about the Architecture Solutions for PKI in Ad-hoc-Networks MIHAI-LICĂ PURA, VICTOR-VALERIU PATRICIU Military Electronic and Informatics Systems Faculty Military Technical Academy 81-83
More informationReliable Broadcast Message Authentication in Wireless Sensor Networks
Reliable Broadcast Message Authentication in Wireless Sensor Networks Taketsugu Yao, Shigeru Fukunaga, and Toshihisa Nakai Ubiquitous System Laboratories, Corporate Research & Development Center, Oki Electric
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationUse of Symmetric And Asymmetric Cryptography in False Report Filtering in Sensor Networks
Use of Symmetric And Asymmetric Cryptography in False Report Filtering in Sensor Networks Aleksi Toivonen Helsinki University of Technology Aleksi.Toivonen@tkk.fi Abstract Sensor networks are easily deployable
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationBy: Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, Jonathan Katz, and Aram Khalili
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks By: Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney, Jonathan Katz, and Aram Khalili W. Du, J. Deng, Y. S. Han, P. K. Varshney,
More informationOverview of Authentication Systems
Overview of Authentication Systems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/
More informationMessage Authentication and Hash function
Message Authentication and Hash function Concept and Example 1 Approaches for Message Authentication Encryption protects message against passive attack, while Message Authentication protects against active
More informationTest Conditions. Closed book, closed notes, no calculator, no laptop just brains 75 minutes. Steven M. Bellovin October 19,
Test Conditions Closed book, closed notes, no calculator, no laptop just brains 75 minutes Steven M. Bellovin October 19, 2005 1 Form 8 questions I m not asking you to write programs or even pseudo-code
More informationProving who you are. Passwords and TLS
Proving who you are Passwords and TLS Basic, fundamental problem Client ( user ) How do you prove to someone that you are who you claim to be? Any system with access control must solve this Users and servers
More informationEnhancing the Security in WSN using Three Tier Security Architecture Chanchal G. Agrawal *
Enhancing the Security in WSN using Three Tier Security Architecture Chanchal G. Agrawal * SCOE, Pune University Prof. J. B. Kulkarni SCOE, Pune University Abstract Security is the main issue while setting
More informationPublic Key Establishment
Public Key Establishment Bart Preneel Katholieke Universiteit Leuven February 2007 Thanks to Paul van Oorschot How to establish public keys? point-to-point on a trusted channel mail business card, phone
More informationCredential Management in the Grid Security Infrastructure. GlobusWorld Security Workshop January 16, 2003
Credential Management in the Grid Security Infrastructure GlobusWorld Security Workshop January 16, 2003 Jim Basney jbasney@ncsa.uiuc.edu http://www.ncsa.uiuc.edu/~jbasney/ Credential Management Enrollment:
More informationLecture 15 PKI & Authenticated Key Exchange. COSC-260 Codes and Ciphers Adam O Neill Adapted from
Lecture 15 PKI & Authenticated Key Exchange COSC-260 Codes and Ciphers Adam O Neill Adapted from http://cseweb.ucsd.edu/~mihir/cse107/ Today We will see how signatures are used to create public-key infrastructures
More informationAEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing
AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology L C S Cases
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to talk so much?!? Content taken from the following:
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2017 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationA General Probabilistic Model for Improving Key Assignment in Wireless Networks
A General Probabilistic Model for Improving Key Assignment in Wireless etworks Patrick Tague and Radha Poovendran etwork Security Lab (SL, Department of Electrical Engineering University of Washington,
More informationDATA INTEGRITY TECHNIQUES IN CLOUD: AN ANALYSIS
DATA INTEGRITY TECHNIQUES IN CLOUD: AN ANALYSIS 1 MS. R. K. PANDYA, 2 PROF. K. K. SUTARIA 1 M.E.[Cloud Computing] Student, Computer Engineering Department, V. V. P. Engineering College, Rajkot, Gujarat
More informationCode Verification Work of Sybil Attack in Wireless Sensor Network
Code Verification Work of Sybil Attack in Wireless Sensor Network Gayatri Devi 1, Rajeeb Sankar Bal 2, Shubhashree Tripathy 3 1 Professor, Department of CSE, Ajay Binay Institute of Technology, Cuttack,
More informationKerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos
Kerberos and Public-Key Infrastructure Key Points Kerberos is an authentication service designed for use in a distributed environment. Kerberos makes use of a thrusted third-part authentication service
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationAEGIS Secure Processor
AEGIS Secure Processor G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas L C S Cases for Physical Security Applications on untrusted hosts with untrusted owners Digital Rights
More informationForward-secure Key Evolution in Wireless Sensor Networks
Forward-secure Key Evolution in Wireless Sensor Networks Marek Klonowski 1 Mirosław Kutyłowski 1 Michał Ren 2 Katarzyna Rybarczyk 2 1 Wrocław University of Technology Wrocław, Poland 2 Adam Mickiewicz
More informationCS530 Authentication
CS530 Authentication Bill Cheng http://merlot.usc.edu/cs530-s10 1 Identification vs. Authentication Identification associating an identity (or a claimed identity) with an individual, process, or request
More informationThe SafeNet Security System Version 3 Overview
The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationSERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Security protocols
I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T X.1159 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (11/2014) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY
More informationOffline dictionary attack on TCG TPM weak authorisation data, and solution
Offline dictionary attack on TCG TPM weak authorisation data, and solution Liqun Chen HP Labs, UK Mark Ryan HP Labs, UK, and University of Birmingham Abstract The Trusted Platform Module (TPM) is a hardware
More informationCryptography and Network Security Chapter 14
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Key Management and Distribution No Singhalese, whether man or woman, would venture
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationSECURE SHARING OF DATA IN PRIVATE CLOUD BY RSA OAEP ALGORITHM. SRM University, Chennai
Volume 115 No. 6 2017, 689-695 ISSN: 1311-8080 (printed version); ISSN: 1314-3395 (on-line version) url: http://www.ijpam.eu ijpam.eu SECURE SHARING OF DATA IN PRIVATE CLOUD BY RSA OAEP ALGORITHM S. Selvakumar
More informationESTABLISHMENT OF SECURE COMMUNICATION IN WIRELESS SENSOR NETWORKS
ESTABLISHMENT OF SECURE COMMUNICATION IN WIRELESS SENSOR NETWORKS Ms.T P Rani 1, Dr. C Jaya Kumar 2 1 Research Scholar, Anna University of Technology,Chennai 1 ranitp.2010@gmail.com 2 Department of Computer
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #12 Routing Security; Forwarding Security 2016 Patrick Tague 1 SoW Presentation SoW Thursday in class I'll post a template Each team gets ~5 minutes
More informationWireless Network Security Spring 2011
Wireless Network Security 14-814 Spring 2011 Patrick Tague Jan 20, 2011 Class #4 Broadcast information security Agenda Broadcast information security Broadcast authentication and encryption Key management
More informationStudy Guide for the Final Exam
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #22 Professor M. J. Fischer April 30, 2005 1 Exam Coverage Study Guide for the Final Exam The final
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More information18-642: Cryptography 11/15/ Philip Koopman
18-642: Cryptography 11/15/2017 Cryptography Overview Anti-Patterns for Cryptography Using a home-made cryptographic algorithm Using private key when public key is required Not considering key distribution
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationThe Cryptographic Sensor
The Cryptographic Sensor Libor Dostálek and Václav Novák {libor.dostalek, vaclav.novak}@prf.jcu.cz Faculty of Science University of South Bohemia České Budějovice Abstract The aim is to find an effective
More informationLecture Note 6 KEY MANAGEMENT. Sourav Mukhopadhyay
Lecture Note 6 KEY MANAGEMENT Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Key Management There are actually two distinct aspects to the use of public-key encryption in this regard:
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationCryptography. Lecture 12. Arpita Patra
Cryptography Lecture 12 Arpita Patra Digital Signatures q In PK setting, privacy is provided by PKE q Integrity/authenticity is provided by digital signatures (counterpart of MACs in PK world) q Definition:
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationImplementing Cryptography: Good Theory vs. Bad Practice
Implementing Cryptography: Good Theory vs. Bad Practice Viet Pham Information Security Group, Department of Mathematics Royal Holloway, University of London Outline News report What is cryptography? Why
More informationSecurity analysis of OpenID, followed by a reference implementation of an npabased OpenID provider
Security analysis of OpenID, followed by a reference implementation of an npabased OpenID provider Sebastian Feld, Norbert Pohlmann Institute for Internet-Security, if(is) Gelsenkirchen University of Applied
More informationPublic Key Infrastructures
Public Key Infrastructures Certcoin Cryptography and Computer Algebra Prof. Johannes Buchmann Dr. Johannes Braun Background Blockchain Distributed database, consisting of a list of blocks Decentralized
More informationMU2b Authentication, Authorization and Accounting Questions Set 2
MU2b Authentication, Authorization and Accounting Questions Set 2 1. You enable the audit of successful and failed policy changes. Where can you view entries related to policy change attempts? Lesson 2
More informationEfficient Memory Integrity Verification and Encryption for Secure Processors
Efficient Memory Integrity Verification and Encryption for Secure Processors G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology New Security
More informationModels of Authentications in Ad Hoc Networks and Their Related Network Properties
Models of Authentications in Ad Hoc Networks and Their Related Network Properties Katrin Hoeper and Guang Gong {khoeper, ggong}@calliope.uwaterloo.ca Department of Electrical and Computer Engineering University
More informationDistributed ID-based Signature Using Tamper-Resistant Module
, pp.13-18 http://dx.doi.org/10.14257/astl.2013.29.03 Distributed ID-based Signature Using Tamper-Resistant Module Shinsaku Kiyomoto, Tsukasa Ishiguro, and Yutaka Miyake KDDI R & D Laboratories Inc., 2-1-15,
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 24a December 2, 2013 CPSC 467, Lecture 24a 1/20 Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management and Trusted
More informationCryptographic protocols
Cryptographic protocols Lecture 3: Zero-knowledge protocols for identification 6/16/03 (c) Jussipekka Leiwo www.ialan.com Overview of ZK Asymmetric identification techniques that do not rely on digital
More informationDiffie-Hellman. Part 1 Cryptography 136
Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for
More informationISACA CISA. ISACA CISA ( Certified Information Systems Auditor ) Download Full Version :
ISACA CISA ISACA CISA ( Certified Information Systems Auditor ) Download Full Version : http://killexams.com/pass4sure/exam-detail/cisa QUESTION: 390 Applying a digital signature to data traveling in a
More informationSowing Seeds Protocol based Key Distribution for Wireless Sensor Network
Sowing Seeds Protocol based Key Distribution for Wireless Sensor Network Saif Al-Alak Department of Computer Science, College of Science for Women, University of Babylon, Iraq. Abstract Wireless Sensor
More informationA Set-Covering Approach for Modeling Attacks on Key Predistribution in Wireless Sensor Networks
A Set-Covering Approach for Modeling Attacks on Key redistribution in Wireless Sensor Networks atrick Tague Network Security Lab NSL) Dept. of Electrical Engineering University of Washington Seattle, Washington,
More informationAuthenticating People and Machines over Insecure Networks
Authenticating People and Machines over Insecure Networks EECE 571B Computer Security Konstantin Beznosov authenticating people objective Alice The Internet Bob Password= sesame Password= sesame! authenticate
More informationAuthentication in real world: Kerberos, SSH and SSL. Zheng Ma Apr 19, 2005
Authentication in real world: Kerberos, SSH and SSL Zheng Ma Apr 19, 2005 Where are we? After learning all the foundation of modern cryptography, we are ready to see some real world applications based
More informationT Cryptography and Data Security
T-79.4501 Cryptography and Data Security Lecture 10: 10.1 Random number generation 10.2 Key management - Distribution of symmetric keys - Management of public keys Stallings: Ch 7.4; 7.3; 10.1 1 The Use
More informationA Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks WENLIANG DU Syracuse University JING DENG University of New Orleans YUNGHSIANG S. HAN National Taipei University, Taiwan PRAMOD K. VARSHNEY
More informationDynamic Key Ring Update Mechanism for Mobile Wireless Sensor Networks
Dynamic Key Ring Update Mechanism for Mobile Wireless Sensor Networks Merve Şahin Sabancı University Istanbul, Turkey mervesahin@sabanciuniv.edu Abstract Key distribution is an important issue to provide
More informationECEN 5022 Cryptography
Introduction University of Colorado Spring 2008 Historically, cryptography is the science and study of secret writing (Greek: kryptos = hidden, graphein = to write). Modern cryptography also includes such
More informationLecture 6 - Cryptography
Lecture 6 - Cryptography CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12 Question Setup: Assume you and I donʼt know anything about
More informationOneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
More informationICS 180 May 4th, Guest Lecturer: Einar Mykletun
ICS 180 May 4th, 2004 Guest Lecturer: Einar Mykletun 1 Symmetric Key Crypto 2 Symmetric Key Two users who wish to communicate share a secret key Properties High encryption speed Limited applications: encryption
More informationNetwork Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011
Network Security: Broadcast and Multicast Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2011 Outline 1. Broadcast and multicast 2. Receiver access control (i.e. data confidentiality)
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationIntroduction to Cryptography Lecture 10
Introduction to Cryptography Lecture 10 Digital signatures, Public Key Infrastructure (PKI) Benny Pinkas January 1, 2012 page 1 Non Repudiation Prevent signer from denying that it signed the message I.e.,
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More informationKey Management and Distribution
2 and Distribution : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l10, Steve/Courses/2015/s2/css441/lectures/key-management-and-distribution.tex,
More informationAS with all networks comprising geographically distributed
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 2, NO. 3, JULY-SEPTEMBER 2005 233 On the Distribution and Revocation of Cryptographic Keys in Sensor Networks Haowen Chan, Virgil D. Gligor, Adrian
More informationVerteilte Systeme (Distributed Systems)
Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues
More informationTLS. RFC2246: The TLS Protocol. (c) A. Mariën -
TLS RFC2246: The TLS Protocol What does it achieve? Confidentiality and integrity of the communication Server authentication Eventually: client authentication What is does not do Protect the server Protect
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationRethinking Authentication. Steven M. Bellovin
Rethinking Authentication Steven M. https://www.cs.columbia.edu/~smb Why? I don t think we understand the real security issues with authentication Our defenses are ad hoc I regard this as a step towards
More informationIT443 Network Security Administration Spring Gabriel Ghinita University of Massachusetts at Boston
IT443 Network Security Administration Spring 2018 Gabriel Ghinita University of Massachusetts at Boston Contact Information Instructor: Dr. Gabriel Ghinita Email: Gabriel.Ghinita@umb.edu (preferred contact)
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationCSC 5930/9010 Modern Cryptography: Public-Key Infrastructure
CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure Professor Henry Carter Fall 2018 Recap Digital signatures provide message authenticity and integrity in the public-key setting As well as public
More informationDevelopment Authority of the North Country Governance Policies
Development Authority of the North Country Governance Policies Subject: Electronic Signature Policy Adopted: March 28, 2018 (Annual Meeting) Resolution: 2018-03-35 Table of Contents SECTION 1.0 INTRODUCTION...
More informationEnhanced Management of Certificate Caching and Revocation Lists in VANET
Enhanced Management of Certificate Caching and Revocation Lists in VANET Sadiq H. Abdulhussain Computer Engineering Department College of Engineering University of Baghdad ABSTRACT Vehicular network security
More informationWHITEPAPER. Vulnerability Analysis of Certificate Validation Systems
WHITEPAPER Vulnerability Analysis of Certificate Validation Systems The US Department of Defense (DoD) has deployed one of the largest Public Key Infrastructure (PKI) in the world. It serves the Public
More informationAuthentication Part IV NOTE: Part IV includes all of Part III!
Authentication Part IV NOTE: Part IV includes all of Part III! ECE 3894 Hardware-Oriented Security and Trust Spring 2018 Assoc. Prof. Vincent John Mooney III Georgia Institute of Technology NOTE: THE FOLLOWING
More informationElements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted
More information